[PPPOE]: Use ifindex instead of device pointer in key lookups.
authorFlorian Zumbiehl <florz@gmx.de>
Mon, 5 Mar 2007 00:03:22 +0000 (16:03 -0800)
committerDavid S. Miller <davem@sunset.davemloft.net>
Mon, 5 Mar 2007 21:25:28 +0000 (13:25 -0800)
Otherwise we can potentially try to dereference a NULL device
pointer in some cases.

Signed-off-by: David S. Miller <davem@davemloft.net>
drivers/net/pppoe.c
include/linux/if_pppox.h

index 86e56f1f2f0bd0a9e215afbb35d6f7ba5b992240..ebfa2967cd68213a4ac8069b1807205631d58910 100644 (file)
@@ -140,7 +140,7 @@ static struct pppox_sock *__get_item(unsigned long sid, unsigned char *addr, int
 
        ret = item_hash_table[hash];
 
-       while (ret && !(cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_dev->ifindex == ifindex))
+       while (ret && !(cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_ifindex == ifindex))
                ret = ret->next;
 
        return ret;
@@ -153,7 +153,7 @@ static int __set_item(struct pppox_sock *po)
 
        ret = item_hash_table[hash];
        while (ret) {
-               if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) && ret->pppoe_dev->ifindex == po->pppoe_dev->ifindex)
+               if (cmp_2_addr(&ret->pppoe_pa, &po->pppoe_pa) && ret->pppoe_ifindex == po->pppoe_ifindex)
                        return -EALREADY;
 
                ret = ret->next;
@@ -174,7 +174,7 @@ static struct pppox_sock *__delete_item(unsigned long sid, char *addr, int ifind
        src = &item_hash_table[hash];
 
        while (ret) {
-               if (cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_dev->ifindex == ifindex) {
+               if (cmp_addr(&ret->pppoe_pa, sid, addr) && ret->pppoe_ifindex == ifindex) {
                        *src = ret->next;
                        break;
                }
@@ -529,7 +529,7 @@ static int pppoe_release(struct socket *sock)
 
        po = pppox_sk(sk);
        if (po->pppoe_pa.sid) {
-               delete_item(po->pppoe_pa.sid, po->pppoe_pa.remote, po->pppoe_dev->ifindex);
+               delete_item(po->pppoe_pa.sid, po->pppoe_pa.remote, po->pppoe_ifindex);
        }
 
        if (po->pppoe_dev)
@@ -577,7 +577,7 @@ static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
                pppox_unbind_sock(sk);
 
                /* Delete the old binding */
-               delete_item(po->pppoe_pa.sid,po->pppoe_pa.remote,po->pppoe_dev->ifindex);
+               delete_item(po->pppoe_pa.sid,po->pppoe_pa.remote,po->pppoe_ifindex);
 
                if(po->pppoe_dev)
                        dev_put(po->pppoe_dev);
@@ -597,6 +597,7 @@ static int pppoe_connect(struct socket *sock, struct sockaddr *uservaddr,
                        goto end;
 
                po->pppoe_dev = dev;
+               po->pppoe_ifindex = dev->ifindex;
 
                if (!(dev->flags & IFF_UP))
                        goto err_put;
index 4fab3d0a4bcef5e7d6e0c9047b30b09afdead916..e33ee763c052ebfeeaf24d9d1cd2876ff0228008 100644 (file)
@@ -114,6 +114,7 @@ struct pppoe_hdr {
 #ifdef __KERNEL__
 struct pppoe_opt {
        struct net_device      *dev;      /* device associated with socket*/
+       int                     ifindex;  /* ifindex of device associated with socket */
        struct pppoe_addr       pa;       /* what this socket is bound to*/
        struct sockaddr_pppox   relay;    /* what socket data will be
                                             relayed to (PPPoE relaying) */
@@ -132,6 +133,7 @@ struct pppox_sock {
        unsigned short          num;
 };
 #define pppoe_dev      proto.pppoe.dev
+#define pppoe_ifindex  proto.pppoe.ifindex
 #define pppoe_pa       proto.pppoe.pa
 #define pppoe_relay    proto.pppoe.relay